NPort W2150A/W2250A Series Web Server Stack-based Buffer Overflow Vulnerability

Moxa Security Advisory

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of service.

The identified vulnerability types and potential impacts are shown below:

Item
Vulnerability Type
Impact

1

Stack-based Buffer Overflow (CWE-121)

CVE-2024-1220

An attacker can cause a Denial-of-service (DoS) attack

 

Vulnerability Scoring Details 

ID 

CVSS 

Vector 

Severity 

Remote Exploit without Auth? 

CVE-2024-1220

8.2

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 

High 

Yes

READ MORE